What is Claimed: 

1. A method of preventing a flooding attack on a network 
server in which a large number of requests are received for 
connection to a port number on the server, comprising: 

determining, in response to a request from a host for a 
connection to a port number on the server, if the number of 
connections to the port assigned to the host exceeds a 
prescribed threshold, and, if so, 

denying the request for a connection. 

2. The method of claim 1 in which denying the request 
further comprises: 

overriding the denial and allowing the request if a 
quality of service parameter pertaining to the requesting 
host permits the override. 

3. The method of claim 2 wherein a connection request is 
denied in any event if the number of available connections 
to the port are less than a constrained threshold. 

4 . The method of claim 1 or claim 2 or claim 3 further 
comprising : 
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calculating the prescribed threshold by multiplying a 
percentage P by the number of available connections 
remaining for the port . 

5. Apparatus for preventing a flooding attack on a network 
server in which a large number of requests are received for 
connection to a port number on the server, comprising: 

means for determining, in response to a request from a 
host for a connection to a port number on the server, if the 
number of connections to the port assigned to the host 
exceeds a prescribed threshold, and 

means responsive to the determining means for denying 
the request for a connection. 

6. The apparatus of claim 5 in which means for denying 
further comprises: 

means responsive to a quality of service parameter 
pertaining to the requesting host for overriding a request 
denial and allowing the request. 

7. The apparatus of claim 6 further comprising: 



means for denying a connection request in any event if 
the number of available connections to the port are less 
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4 than a constrained threshold. 

1 8. The apparatus of claim 5 or claim 6 or claim 7 further 

2 comprising: 

3 means for calculating the prescribed threshold by 

4 multiplying a percentage P by the number of available 

5 connections remaining for the port. 

1 9. A storage media containing program code segments for 

2 preventing a flooding attack on a network server in which a 
^JB large number of requests are received for connection to a 

port number on the server, comprising: 

==;« 

2?5 a first code segment activated in response to a request 

yj 

= 6 from a host for a connection to a port number on the server 

nj7 for determining if the number of connections to the port 

Lb8 assigned to the host exceeds a prescribed threshold, and 

9 a second code segment responsive to the first code 

10 segment for denying the request for a connection. 

1 10. The media of claim 9 in which the second code segment 

2 further comprises: 



3 
4 



a third code segment for overriding the denial and 
allowing the request if a quality of service parameter 
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pertaining to the requesting host permits the override. 

11. The media of claim 10 further comprising a fourth code 
segment for denying a connection request in any event if the 
number of available connections to the port are less than a 
constrained threshold. 

12 . The media of claim 9 or claim 10 or claim 11 further 
comprising : 

a fifth code segment for calculating the prescribed 
threshold by multiplying a percentage P by the number of 
available connections remaining for the port. 

13. A carrier wave containing program code segments for 
preventing a flooding attack on a network server in which a 
large number of requests are received for connection to a 
port number on the server, comprising: 

a first code segment activated in response to a request 
from a host for a connection to a port number on the server 
for determining if the number of connections to the port 
assigned to the host exceeds a prescribed threshold, and 

a second code segment responsive to the first code 
segment for denying the request for a connection. 
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1 14, The carrier wave of claim 13 in which the second code 

2 segment further comprises: 

3 a third code segment for overriding the denial and 

4 allowing the request if a quality of service parameter 

5 pertaining to the requesting host permits the override. 

1 15. The carrier wave of claim 14 further comprising a 

2 fourth code segment for denying a connection request in any 

3 event if the number of available connections to the port are 

4 less than a constrained threshold. 

"'i 

Srji 15, The carrier wave of claim 13 or claim 14 or claim 15 
further comprising: 

ei 

=_3 a fifth code segment for calculating the prescribed 

nJ4 threshold by multiplying a percentage P by the number of 

Lu5 available connections remaining for the port. 
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